Computer Forensics Case Studies

Case Study — Intellectual Property, Brand Protection and Civil Seizure
Case Type — Computer Forensics, Electronic Auditing, E-Mail
Environment — Desktops, Laptops, Distribution Software and Sales Management System 

GDF supported Attorneys, Private Investigators and US Marshalls on a civil seizure. The clients intellectual property, in this case garments, were being counterfeited and sold throughout the United States.  GDF supported the seizure team by locating additional locations during the seizure as well as gathering digital evidence onsite eliminating the need to remove and return computers and other electronic devices ensuring that the terms of the order were adhered to and expediting the gathering of evidence.

Case Study — Banking, Corporate Fraud SOX Auditing
Case Type — Computer Forensics
Environment — Complex Network, Mainframe, Banking Industry Specific Software, Email, Voice Mail

A large accounting firm was hired to audit certain activities related to loans to individuals on the Board of Directors of a medium size, publicly traded bank (the Bank). During the Audit, the auditors needed to examine several computer systems used by certain Bank employees as well as by certain Board Members. GDFs digital forensic examiners were immediately dispatched and sent in to arrange for the forensic analysis of the computer systems and to to search for corroborating evidence in support of the audit teams suspicions and findings. The systems GDF analysts forensically analyzed included laptop computers issued to managers in the loan origination department, desktop systems used by managers and board members. Email (Exchange) servers as well as Voicemail Systems were examined.

Case Study — Drug Diversion, Brand Protection, Counterfeiting and International Fraud
Case Type — Computer Forensics, Law Enforcement Support, Criminal
Environment — Email, Desktops, Laptops, Blackberries (BES and Handhelds), Foreign Language Data

A Pharmaceutical Company began receiving complaints from its representatives in certain geographical areas that sales of normally high volume drugs were slowing down considerably. The companies internal security department as well as the security departments of its major distributors began an investigation. The results of the investigations led the security professionals to believe a significant amount of the companies product was being diverted from foreign countries into The United States and sold through smaller distributors who specialized in sales to locally, privately owned, pharmacies and dispensaries within nursing homes. The diversion activities were immediately reported to the local authorities in the regions as well as to the FDA. An investigation was immediately launched and millions of dollars of diverted drugs and repackaging equipment was seized from several locations, including the warehouses of fully licensed pharmaceutical distributors. Along with the diverted product the computers and other electronic equipment was also seized. The seizure went smoothly and the company was satisfied as were investigators from the FDA and local law enforcement however the case was severely hindered by the fact that the majority of communications between the principals of the distribution companies (foreign nationals) and the foreign suppliers was conducted by email. There were was also virtually no paper records on site. While the local authorities and the FDA had access to computer forensic labs both faced similar roadblocks in their investigations; the labs were severely backlogged and the systems were encrypted and fairly complex as well as being a foreign language.

Case Study — Data Forensics, Computer Forensics
Case Type — Internal Corporate Fraud
Environment — Complex Multi-Location Network and Desktop
Industry — Banking

Case Study — Electronic Data and Document Discovery
Case Type — Complex Litigation
Environment — Legacy and Updated Mainframe
Industry — Financial
Quantity of Data — 12 Terabytes (millions transactions and documents)

Case Study — Digital Document Forensics, Computer Forensics
Case Type — Massive Financial Fraud
Environment — Mainframe and Network Industry Financial
Quantity of Data — Terabytes

Case Study  — Digital  Data Forensics/Electronic Document Discovery/ Computer Forensics
Case Type —  Massive Securities Fraud
Environment — Complex, Desktop, Raw Transaction Data, E-Mail
Industry — Financial Services

Case Study —  Digital Forensics/Regulatory
Case Type — Insurance Industry Regulation
Environment — Complex Mainframe, Desktop, Raw Transaction Data, E-Mail
Industry — Insurance

Case Study — Electronic Data Discovery and Computer Forensics
Case Type — Intellectual Property
Environment — Large Network, International WAN
Industry — Manufacturing/Wholesale
Quantity of Data — Large E-Mail Server (Notes), CRM System (Customer Relationship Management) Database, PeopleSoft Task Work with counsel on Discovery Requests, Depositions, 30(b)6 and data correlation, coding and link analysis.

Download the case study in Adobe Acrobat PDF format